Update to latest branch commit

jean-airoldie · jean-airoldie · commit 7ef858c4072e · 2025-05-04T10:31:32.000-04:00
diff --git a/rcgen/src/csr.rs b/rcgen/src/csr.rs
@@ -11,8 +11,6 @@ use crate::{
 };
 #[cfg(feature = "x509-parser")]
 use crate::{CustomExtension, DistinguishedName, SanType};
-#[cfg(feature = "x509-parser")]
-use x509_parser::asn1_rs::Oid;
 
 /// A public key, extracted from a CSR
 #[derive(Debug, PartialEq, Eq, Hash)]
@@ -97,7 +95,7 @@ impl CertificateSigningRequestParams {
 	#[cfg(all(feature = "pem", feature = "x509-parser"))]
 	pub fn from_pem_validated<F>(pem_str: &str, valid_fn: F) -> Result<Self, Error>
 	where
-		F: FnMut(&Oid, &[u8]) -> Result<(), Error>,
+		F: FnMut(&x509_parser::extensions::UnsupportedExtension) -> Result<(), Error>,
 	{
 		let csr = pem::parse(pem_str).or(Err(Error::CouldNotParseCertificationRequest))?;
 		Self::from_der_validated(&csr.contents().into(), valid_fn)
@@ -115,7 +113,7 @@ impl CertificateSigningRequestParams {
 	/// [`rustls_pemfile::csr()`]: https://docs.rs/rustls-pemfile/latest/rustls_pemfile/fn.csr.html
 	#[cfg(feature = "x509-parser")]
 	pub fn from_der(csr: &CertificateSigningRequestDer<'_>) -> Result<Self, Error> {
-		Self::from_der_validated(csr, |_, _| Ok(()))
+		Self::from_der_validated(csr, |_| Ok(()))
 	}
 
 	/// Parse a certificate signing request from DER-encoded bytes using the provided
@@ -131,7 +129,7 @@ impl CertificateSigningRequestParams {
 		mut valid_fn: F,
 	) -> Result<Self, Error>
 	where
-		F: FnMut(&Oid, &[u8]) -> Result<(), Error>,
+		F: FnMut(&x509_parser::extensions::UnsupportedExtension) -> Result<(), Error>,
 	{
 		use crate::KeyUsagePurpose;
 		use x509_parser::prelude::FromDer;
@@ -208,20 +206,17 @@ impl CertificateSigningRequestParams {
 							return Err(Error::UnsupportedExtension);
 						}
 					},
-					x509_parser::extensions::ParsedExtension::UnsupportedExtension {
-						oid,
-						value,
-					} => {
-						valid_fn(oid, value)?;
-						let oid: Vec<u64> = match oid.iter() {
+					x509_parser::extensions::ParsedExtension::UnsupportedExtension(val) => {
+						valid_fn(val)?;
+						let oid: Vec<u64> = match val.oid.iter() {
 							Some(iter) => iter.collect(),
 							None => return Err(Error::UnsupportedExtension),
 						};
-						let ext = CustomExtension::from_oid_content(&oid, value.to_vec());
+						let mut ext = CustomExtension::from_oid_content(&oid, val.value.to_vec());
+                        ext.set_criticality(val.critical);
 						params.custom_extensions.push(ext);
 					},
 					other => {
-						dbg!(&other);
 						return Err(Error::UnsupportedExtension);
 					},
 				}
diff --git a/rcgen/tests/generic.rs b/rcgen/tests/generic.rs
@@ -135,8 +135,8 @@ mod test_x509_custom_ext {
 
 		let csr_params = rcgen::CertificateSigningRequestParams::from_der_validated(
 			test_cert_csr.der(),
-			|oid, value| {
-				if oid != &test_oid || value != &test_ext {
+			|ext| {
+				if ext.oid != test_oid || ext.value != &test_ext || !ext.critical {
 					Err(rcgen::Error::UnsupportedExtension)
 				} else {
 					Ok(())
